Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-35140

HCL DFXAnalytics is affected by a Missing Secure Attribute in Encrypted Session (SSL) Cookie vulnerability. The application fails to set the "secure" attribute on session cookies generated during authentication, which could allow a remote attacker to intercept network traffic and capture sensitive cookies, session tokens, or credentials sent in cleartext over unencrypted channels.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 5.7%
CVSS Severity
CVSS v3 Score 3.0
Products affected by CVE-2026-35140


Contact Us

Shodan ® - All rights reserved